4 ways US can boost cyber security

The Obama administration has repeatedly and publicly named China as America’s principal cyber-espionage enemy, highlighting China’s aggressive economic cyberspying against American businesses and critical infrastructure. President Obama himself mentioned cybersecurity concerns during his congratulatory phone call with new Chinese President Xi Jinping.

Deciding to name and shame China openly is a significant step in US cybersecurity policy and has international repercussions: It forces the two countries to address the issue publicly, and shines a spotlight on the cyberactivity of other countries, including the United States. This may increase pressure on governments and companies to act more forcefully against cyber-espionage attacks.

Of course, China is not the only country that has committed, or will commit, cyber-espionage. Indeed, China has accused the US of cyberattacks and recently described itself as a leading victim of hacking attacks. The full scope of international cyberattacks is hard to define because of the challenge of identifying who launched an attack, and the absence of a coordinated, global effort to find out who the hostile cyberactors are.

To navigate this new diplomatic landscape and successfully protect its own cybersecurity interests, the US needs a proactive cyber foreign policy that goes beyond naming and shaming. Here are four steps the US can take to bolster its diplomatic efforts to address cybersecurity threats.

1. Start where countries agree

Jason Lee/Reuters
US Ambassador to China Gary Locke speaks at the 6th US-China Internet Industry Forum in Beijing, April 9, where he said that China and the United States must cooperate on combating Internet theft. Op-ed contributors Emilian Papadopoulos and Eli Sugarman say 'the US needs a proactive cyber foreign policy that goes beyond naming and shaming [China].'

International rules governing cybersecurity are unclear, particularly when it comes to cyber-espionage. That’s because technology is changing rapidly and countries disagree over principles on issues like privacy rights and Internet freedom. Countries are also unwilling to sacrifice their own right to act unilaterally in cyberspace.

One step to start holding countries accountable for cyberattacks is to solidify norms that are already implicitly agreed on. For example, it seems that countries, for the most part, have not hacked into each other’s financial institutions nor disrupted predominantly civilian critical infrastructure. The US should explore past norms in areas such as arms control to derive lessons for cybernorms.

Washington must also engage the private sector in this dialogue, even though some business interests have opposed the administration’s legislative efforts to improve cybersecurity standards.

The private sector owns and operates the majority of the critical infrastructure that the government wants to protect. US-based multinationals have a vested interest in secure, stable cyberspace and can be useful partners in advocating for norms internationally.

Emilian Papadopoulos is chief of staff at Good Harbor, a cyberrisk consulting firm. He previously worked at Canada’s Department of Foreign Affairs. Eli Sugarman is a Truman fellow and senior director of Gryphon Partners. He previously worked at the State Department.

1 of 4

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

You've read  of  free articles. Subscribe to continue.